Three-tier web app architecture spanning multiple AWS availability zones with Route 53 DNS, CloudFront CDN, and WAF protecting an ALB that routes traffic to auto-scaled EC2 web tier instances. Application tier runs m5.large EC2 servers with RDS PostgreSQL primary-replica replication, ElastiCache for session caching, and Secrets Manager for credential management. Core infrastructure includes KMS encryption, IAM roles for least-privilege access, CloudWatch monitoring, CloudTrail audit logging, and S3 static asset delivery, demonstrating production-grade security and resilience patterns. Fork this diagram to customize subnets, instance types, or add additional services like Lambda or DynamoDB. The architecture balances cost efficiency with fault tolerance across AZ-1 and AZ-2, making it ideal for mission-critical applications requiring 99.99% uptime.